gfwleak/tango-maat
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix memory leak

Browse Source
This commit is contained in:
root
2024-10-14 02:25:36 +00:00
parent 586f1c11b2
commit 78f733417c
15 changed files with 262 additions and 115 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
src/maat_bool_plugin.c
View File

@@ -268,18 +268,22 @@ bool_plugin_accept_tag_match(struct bool_plugin_schema *schema,
FREE(tag_str); FREE(tag_str);
if (TAG_MATCH_ERR == ret) { if (TAG_MATCH_ERR == ret) {
char *json_str = cJSON_Print(json);
log_fatal(logger, MODULE_BOOL_PLUGIN, log_fatal(logger, MODULE_BOOL_PLUGIN,
"[%s:%d] bool_plugin table:<%s> has invalid tag" "[%s:%d] bool_plugin table:<%s> has invalid tag"
" in line:%s", __FUNCTION__, __LINE__, table_name, " in line:%s", __FUNCTION__, __LINE__, table_name,
cJSON_Print(json)); json_str);
FREE(json_str);
return TAG_MATCH_ERR; return TAG_MATCH_ERR;
} }
if (TAG_MATCH_UNMATCHED == ret) { if (TAG_MATCH_UNMATCHED == ret) {
char *json_str = cJSON_Print(json);
log_fatal(logger, MODULE_BOOL_PLUGIN, log_fatal(logger, MODULE_BOOL_PLUGIN,
"[%s:%d] bool_plugin table:<%s> has unmatched tag" "[%s:%d] bool_plugin table:<%s> has unmatched tag"
" in line:%s", __FUNCTION__, __LINE__, table_name, " in line:%s", __FUNCTION__, __LINE__, table_name,
cJSON_Print(json)); json_str);
FREE(json_str);
return TAG_MATCH_UNMATCHED; return TAG_MATCH_UNMATCHED;
} }
} }
@@ -305,20 +309,24 @@ bool_plugin_expr_new(struct bool_plugin_schema *schema, const char *table_name,
tmp_obj = cJSON_GetObjectItem(json, schema->key_name); tmp_obj = cJSON_GetObjectItem(json, schema->key_name);
if (NULL == tmp_obj || tmp_obj->type != cJSON_String) { if (NULL == tmp_obj || tmp_obj->type != cJSON_String) {
char *json_str = cJSON_Print(json);
log_fatal(logger, MODULE_BOOL_PLUGIN, log_fatal(logger, MODULE_BOOL_PLUGIN,
"[%s:%d] bool_plugin table:<%s> has " "[%s:%d] bool_plugin table:<%s> has "
"no key_name %s or invalid format in line:%s", __FUNCTION__, "no key_name %s or invalid format in line:%s", __FUNCTION__,
__LINE__, table_name, schema->key_name, cJSON_Print(json)); __LINE__, table_name, schema->key_name, json_str);
FREE(json_str);
goto error; goto error;
} }
uuid_parse(tmp_obj->valuestring, bool_expr->expr_uuid); uuid_parse(tmp_obj->valuestring, bool_expr->expr_uuid);
tmp_obj = cJSON_GetObjectItem(json, "bool_expr"); tmp_obj = cJSON_GetObjectItem(json, "bool_expr");
if (NULL == tmp_obj || tmp_obj->type != cJSON_String) { if (NULL == tmp_obj || tmp_obj->type != cJSON_String) {
char *json_str = cJSON_Print(json);
log_fatal(logger, MODULE_BOOL_PLUGIN, log_fatal(logger, MODULE_BOOL_PLUGIN,
"[%s:%d] bool_plugin table:<%s> has " "[%s:%d] bool_plugin table:<%s> has "
"no bool_expr or invalid format in line:%s", __FUNCTION__, "no bool_expr or invalid format in line:%s", __FUNCTION__,
__LINE__, table_name, cJSON_Print(json)); __LINE__, table_name, json_str);
FREE(json_str);
goto error; goto error;
} }
@@ -333,10 +341,12 @@ bool_plugin_expr_new(struct bool_plugin_schema *schema, const char *table_name,
ret = sscanf(sub_token, "%llu", items + n_item); ret = sscanf(sub_token, "%llu", items + n_item);
n_item++; n_item++;
if (ret != 1 || n_item > MAX_ITEMS_PER_BOOL_EXPR) { if (ret != 1 || n_item > MAX_ITEMS_PER_BOOL_EXPR) {
char *json_str = cJSON_Print(json);
log_fatal(logger, MODULE_BOOL_PLUGIN, log_fatal(logger, MODULE_BOOL_PLUGIN,
"[%s:%d] bool_plugin table:<%s> has " "[%s:%d] bool_plugin table:<%s> has "
"invalid format of bool_expr in line:%s", "invalid format of bool_expr in line:%s",
__FUNCTION__, __LINE__, table_name, cJSON_Print(json)); __FUNCTION__, __LINE__, table_name, json_str);
FREE(json_str);
goto error; goto error;
} }
} }

26
src/maat_config_monitor.c
View File

@@ -186,35 +186,35 @@ void config_monitor_traverse(long long current_version, const cJSON *json_root,
} }
} }
static void object_info_add(struct object_info *object_name_map, const char *object_name, const char *object_uuid) static void object_info_add(struct object_info **object_name_map, const char *object_name, const char *object_uuid)
{ {
struct object_info *object_info = NULL; struct object_info *object_info = NULL;
HASH_FIND_STR(object_name_map, object_name, object_info); HASH_FIND_STR(*object_name_map, object_name, object_info);
if (object_info == NULL) { if (object_info == NULL) {
object_info = ALLOC(struct object_info, 1); object_info = ALLOC(struct object_info, 1);
strncpy(object_info->object_name, object_name, sizeof(object_info->object_name)); strncpy(object_info->object_name, object_name, sizeof(object_info->object_name));
strncpy(object_info->object_uuid, object_uuid, sizeof(object_info->object_uuid)); strncpy(object_info->object_uuid, object_uuid, sizeof(object_info->object_uuid));
HASH_ADD_STR(object_name_map, object_name, object_info); HASH_ADD_STR(*object_name_map, object_name, object_info);
} }
} }
static struct object_info *object_info_find(struct object_info *object_name_map, const char *object_name) static struct object_info *object_info_find(struct object_info **object_name_map, const char *object_name)
{ {
struct object_info *object_info = NULL; struct object_info *object_info = NULL;
HASH_FIND_STR(object_name_map, object_name, object_info); HASH_FIND_STR(*object_name_map, object_name, object_info);
return object_info; return object_info;
} }
static void object_info_free(struct object_info *object_name_map) static void object_info_free(struct object_info **object_name_map)
{ {
struct object_info *object_info, *tmp; struct object_info *object_info, *tmp;
HASH_ITER(hh, object_name_map, object_info, tmp) { HASH_ITER(hh, *object_name_map, object_info, tmp) {
HASH_DEL(object_name_map, object_info); HASH_DEL(*object_name_map, object_info);
FREE(object_info); FREE(object_info);
} }
} }
static void convert_condition(struct object_info *object_name_map, cJSON *condition, cJSON *top_items, int *object_gen_id, int *item_gen_id) static void convert_condition(struct object_info **object_name_map, cJSON *condition, cJSON *top_items, int *object_gen_id, int *item_gen_id)
{ {
cJSON *object_uuid_array = cJSON_CreateArray(); cJSON *object_uuid_array = cJSON_CreateArray();
cJSON *object_name = cJSON_GetObjectItem(condition, "object_name"); cJSON *object_name = cJSON_GetObjectItem(condition, "object_name");
@@ -386,11 +386,11 @@ void convert_maat_json_rule(cJSON **json_root, unsigned char *json_buff)
if (or_conditions) { if (or_conditions) {
cJSON *tmp_or_condition = NULL; cJSON *tmp_or_condition = NULL;
cJSON_ArrayForEach(tmp_or_condition, or_conditions) { cJSON_ArrayForEach(tmp_or_condition, or_conditions) {
convert_condition(object_name_map, tmp_or_condition, top_items, &object_gen_id, &item_gen_id); convert_condition(&object_name_map, tmp_or_condition, top_items, &object_gen_id, &item_gen_id);
} }
} else { } else {
cJSON *tmp_or_condition = cJSON_Duplicate(tmp_and_condition, 1); cJSON *tmp_or_condition = cJSON_Duplicate(tmp_and_condition, 1);
convert_condition(object_name_map, tmp_or_condition, top_items, &object_gen_id, &item_gen_id); convert_condition(&object_name_map, tmp_or_condition, top_items, &object_gen_id, &item_gen_id);
or_conditions = cJSON_CreateArray(); or_conditions = cJSON_CreateArray();
cJSON_AddItemToArray(or_conditions, tmp_or_condition); cJSON_AddItemToArray(or_conditions, tmp_or_condition);
@@ -400,7 +400,7 @@ void convert_maat_json_rule(cJSON **json_root, unsigned char *json_buff)
} }
object_info_free(object_name_map); object_info_free(&object_name_map);
} }
int load_maat_json_rule_file(struct maat *maat_inst, const char *json_filename, int load_maat_json_rule_file(struct maat *maat_inst, const char *json_filename,
@@ -464,5 +464,7 @@ int load_maat_json_rule_file(struct maat *maat_inst, const char *json_filename,
convert_maat_json_rule(json_root, json_buff); convert_maat_json_rule(json_root, json_buff);
FREE(json_buff);
return 0; return 0;
} }

26
src/maat_ex_data.c
View File

@@ -44,7 +44,17 @@ void cache_row_free(void *p)
free(*(char **)p); free(*(char **)p);
} }
UT_icd ut_cache_row_icd = {sizeof(char*), NULL, NULL, cache_row_free}; void cache_row_copy(void *dst, const void *src)
{
struct ex_data_row *ex_data_row_src = (struct ex_data_row *)src;
struct ex_data_row *ex_data_row_dst = (struct ex_data_row *)dst;
ex_data_row_dst->row = ALLOC(char, strlen(ex_data_row_src->row) + 1);
strcpy(ex_data_row_dst->row, ex_data_row_src->row);
ex_data_row_dst->op = ex_data_row_src->op;
}
UT_icd ut_cache_row_icd = {sizeof(struct ex_data_row), NULL, cache_row_copy, cache_row_free};
struct ex_data_runtime * struct ex_data_runtime *
ex_data_runtime_new(int table_id, int gc_timeout_s, struct log_handle *logger) ex_data_runtime_new(int table_id, int gc_timeout_s, struct log_handle *logger)
@@ -100,14 +110,16 @@ void ex_data_runtime_cache_row_put(struct ex_data_runtime *ex_data_rt, const cha
} }
size_t row_len = strlen(row); size_t row_len = strlen(row);
struct ex_data_row *ex_data_row = ALLOC(struct ex_data_row, 1); struct ex_data_row ex_data_row;
ex_data_row->row = ALLOC(char, row_len + 1); ex_data_row.row = ALLOC(char, row_len + 1);
ex_data_row->op = op; ex_data_row.op = op;
memcpy(ex_data_row->row, row, row_len); memcpy(ex_data_row.row, row, row_len);
ex_data_rt->cache_size += row_len; ex_data_rt->cache_size += row_len;
utarray_push_back(ex_data_rt->cache_rows, &ex_data_row); utarray_push_back(ex_data_rt->cache_rows, &ex_data_row);
ex_data_rt->cache_row_num++; ex_data_rt->cache_row_num++;
FREE(ex_data_row.row);
} }
const struct ex_data_row *ex_data_runtime_cached_row_get(struct ex_data_runtime *ex_data_rt, size_t index) const struct ex_data_row *ex_data_runtime_cached_row_get(struct ex_data_runtime *ex_data_rt, size_t index)
@@ -116,9 +128,7 @@ const struct ex_data_row *ex_data_runtime_cached_row_get(struct ex_data_runtime
return NULL; return NULL;
} }
const char **row = NULL; return (struct ex_data_row *)utarray_eltptr(ex_data_rt->cache_rows, index);
row = (const char **)utarray_eltptr(ex_data_rt->cache_rows, index);
return (struct ex_data_row *)*row;
} }
size_t ex_data_runtime_cached_row_count(struct ex_data_runtime *ex_data_rt) size_t ex_data_runtime_cached_row_count(struct ex_data_runtime *ex_data_rt)

24
src/maat_expr.c
View File

@@ -104,35 +104,43 @@ expr_item_new(struct expr_schema *expr_schema, const char *table_name,
tmp_obj = cJSON_GetObjectItem(json, "object_uuid"); tmp_obj = cJSON_GetObjectItem(json, "object_uuid");
if (tmp_obj == NULL && tmp_obj->type != cJSON_String) { if (tmp_obj == NULL && tmp_obj->type != cJSON_String) {
char *json_str = cJSON_Print(json);
log_fatal(expr_rt->logger, MODULE_EXPR, log_fatal(expr_rt->logger, MODULE_EXPR,
"[%s:%d] expr table:<%s> has no object_id in line:%s", "[%s:%d] expr table:<%s> has no object_id in line:%s",
__FUNCTION__, __LINE__, table_name, cJSON_Print(json)); __FUNCTION__, __LINE__, table_name, json_str);
FREE(json_str);
goto error; goto error;
} }
uuid_parse(tmp_obj->valuestring, expr_item->object_uuid); uuid_parse(tmp_obj->valuestring, expr_item->object_uuid);
tmp_obj = cJSON_GetObjectItem(json, "expression"); tmp_obj = cJSON_GetObjectItem(json, "expression");
if (tmp_obj == NULL || tmp_obj->type != cJSON_String) { if (tmp_obj == NULL || tmp_obj->type != cJSON_String) {
char *json_str = cJSON_Print(json);
log_fatal(expr_rt->logger, MODULE_EXPR, log_fatal(expr_rt->logger, MODULE_EXPR,
"[%s:%d] expr table:<%s> has no expression in line:%s", "[%s:%d] expr table:<%s> has no expression in line:%s",
__FUNCTION__, __LINE__, table_name, cJSON_Print(json)); __FUNCTION__, __LINE__, table_name, json_str);
FREE(json_str);
goto error; goto error;
} }
len = strlen(tmp_obj->valuestring); len = strlen(tmp_obj->valuestring);
if (len > MAX_KEYWORDS_STR_LEN) { if (len > MAX_KEYWORDS_STR_LEN) {
char *json_str = cJSON_Print(json);
log_fatal(expr_rt->logger, MODULE_EXPR, log_fatal(expr_rt->logger, MODULE_EXPR,
"[%s:%d] expr table:<%s> expression length too long in line:%s", "[%s:%d] expr table:<%s> expression length too long in line:%s",
__FUNCTION__, __LINE__, table_name, cJSON_Print(json)); __FUNCTION__, __LINE__, table_name, json_str);
FREE(json_str);
goto error; goto error;
} }
memcpy(expr_item->keywords, tmp_obj->valuestring, len); memcpy(expr_item->keywords, tmp_obj->valuestring, len);
tmp_obj = cJSON_GetObjectItem(json, "expr_type"); tmp_obj = cJSON_GetObjectItem(json, "expr_type");
if (tmp_obj == NULL || tmp_obj->type != cJSON_String) { if (tmp_obj == NULL || tmp_obj->type != cJSON_String) {
char *json_str = cJSON_Print(json);
log_fatal(expr_rt->logger, MODULE_EXPR, log_fatal(expr_rt->logger, MODULE_EXPR,
"[%s:%d] expr table:<%s> has no expr_type in line:%s", "[%s:%d] expr table:<%s> has no expr_type in line:%s",
__FUNCTION__, __LINE__, table_name, cJSON_Print(json)); __FUNCTION__, __LINE__, table_name, json_str);
FREE(json_str);
goto error; goto error;
} }
@@ -145,9 +153,11 @@ expr_item_new(struct expr_schema *expr_schema, const char *table_name,
} }
if (expr_item->expr_type == EXPR_TYPE_INVALID) { if (expr_item->expr_type == EXPR_TYPE_INVALID) {
char *json_str = cJSON_Print(json);
log_fatal(expr_rt->logger, MODULE_EXPR, log_fatal(expr_rt->logger, MODULE_EXPR,
"[%s:%d] expr table:<%s> has invalid expr_type in line:%s", "[%s:%d] expr table:<%s> has invalid expr_type in line:%s",
__FUNCTION__, __LINE__, table_name, cJSON_Print(json)); __FUNCTION__, __LINE__, table_name, json_str);
FREE(json_str);
goto error; goto error;
} else if (expr_item->expr_type == EXPR_TYPE_REGEX) { } else if (expr_item->expr_type == EXPR_TYPE_REGEX) {
ret = expr_matcher_verify_regex_expression(expr_item->keywords, expr_rt->logger); ret = expr_matcher_verify_regex_expression(expr_item->keywords, expr_rt->logger);
@@ -603,10 +613,12 @@ int expr_runtime_update(void *expr_runtime, void *expr_schema,
uuid_t item_uuid; uuid_t item_uuid;
uuid_parse(tmp_obj->valuestring, item_uuid); uuid_parse(tmp_obj->valuestring, item_uuid);
if (uuid_is_null(item_uuid)) { if (uuid_is_null(item_uuid)) {
char *json_str = cJSON_Print(json);
log_fatal(expr_rt->logger, MODULE_EXPR, log_fatal(expr_rt->logger, MODULE_EXPR,
"[%s:%d] expr table:<%s> item_id wrong" "[%s:%d] expr table:<%s> item_id wrong"
" in table_line:%s", __FUNCTION__, __LINE__, table_name, " in table_line:%s", __FUNCTION__, __LINE__, table_name,
cJSON_Print(json)); json_str);
FREE(json_str);
expr_rt->update_err_cnt++; expr_rt->update_err_cnt++;
goto ERROR; goto ERROR;
} }

11
src/maat_flag.c
View File

@@ -202,18 +202,21 @@ flag_item_new(struct flag_schema *schema, const char *table_name,
tmp_obj = cJSON_GetObjectItem(json, "object_uuid"); tmp_obj = cJSON_GetObjectItem(json, "object_uuid");
if (tmp_obj == NULL || tmp_obj->type != cJSON_String) { if (tmp_obj == NULL || tmp_obj->type != cJSON_String) {
char *json_str = cJSON_Print(json);
log_fatal(flag_rt->logger, MODULE_FLAG, log_fatal(flag_rt->logger, MODULE_FLAG,
"[%s:%d] flag table:<%s> has no object_id in json:%s", "[%s:%d] flag table:<%s> has no object_id in json:%s",
__FUNCTION__, __LINE__, table_name, cJSON_Print(json)); __FUNCTION__, __LINE__, table_name, json_str);
goto error; goto error;
} }
uuid_parse(tmp_obj->valuestring, item->object_uuid); uuid_parse(tmp_obj->valuestring, item->object_uuid);
tmp_obj = cJSON_GetObjectItem(json, "flag"); tmp_obj = cJSON_GetObjectItem(json, "flag");
if (tmp_obj == NULL || tmp_obj->type != cJSON_Number) { if (tmp_obj == NULL || tmp_obj->type != cJSON_Number) {
char *json_str = cJSON_Print(json);
log_fatal(flag_rt->logger, MODULE_FLAG, log_fatal(flag_rt->logger, MODULE_FLAG,
"[%s:%d] flag table:<%s> has no flag in json:%s", "[%s:%d] flag table:<%s> has no flag in json:%s",
__FUNCTION__, __LINE__, table_name, cJSON_Print(json)); __FUNCTION__, __LINE__, table_name, json_str);
FREE(json_str);
goto error; goto error;
} }
@@ -221,9 +224,11 @@ flag_item_new(struct flag_schema *schema, const char *table_name,
tmp_obj = cJSON_GetObjectItem(json, "mask"); tmp_obj = cJSON_GetObjectItem(json, "mask");
if (tmp_obj == NULL || tmp_obj->type != cJSON_Number) { if (tmp_obj == NULL || tmp_obj->type != cJSON_Number) {
char *json_str = cJSON_Print(json);
log_fatal(flag_rt->logger, MODULE_FLAG, log_fatal(flag_rt->logger, MODULE_FLAG,
"[%s:%d] flag table:<%s> has no mask in json:%s", "[%s:%d] flag table:<%s> has no mask in json:%s",
__FUNCTION__, __LINE__, table_name, cJSON_Print(json)); __FUNCTION__, __LINE__, table_name, json_str);
FREE(json_str);
goto error; goto error;
} }

16
src/maat_fqdn_plugin.c
View File

@@ -220,18 +220,22 @@ fqdn_plugin_accept_tag_match(struct fqdn_plugin_schema *schema,
FREE(tag_str); FREE(tag_str);
if (TAG_MATCH_ERR == ret) { if (TAG_MATCH_ERR == ret) {
char *json_str = cJSON_Print(json);
log_fatal(logger, MODULE_FQDN_PLUGIN, log_fatal(logger, MODULE_FQDN_PLUGIN,
"[%s:%d] fqdn_plugin table:<%s> has invalid tag" "[%s:%d] fqdn_plugin table:<%s> has invalid tag"
" format in line:%s", __FUNCTION__, __LINE__, " format in line:%s", __FUNCTION__, __LINE__,
table_name, cJSON_Print(json)); table_name, json_str);
FREE(json_str);
return TAG_MATCH_ERR; return TAG_MATCH_ERR;
} }
if (TAG_MATCH_UNMATCHED == ret) { if (TAG_MATCH_UNMATCHED == ret) {
char *json_str = cJSON_Print(json);
log_fatal(logger, MODULE_FQDN_PLUGIN, log_fatal(logger, MODULE_FQDN_PLUGIN,
"[%s:%d] fqdn_plugin table:<%s> has unmatched tag" "[%s:%d] fqdn_plugin table:<%s> has unmatched tag"
" in line:%s", __FUNCTION__, __LINE__, table_name, " in line:%s", __FUNCTION__, __LINE__, table_name,
cJSON_Print(json)); json_str);
FREE(json_str);
return TAG_MATCH_UNMATCHED; return TAG_MATCH_UNMATCHED;
} }
} }
@@ -255,18 +259,22 @@ fqdn_plugin_rule_new(const cJSON *json, struct fqdn_plugin_schema *schema,
tmp_obj = cJSON_GetObjectItem(json, schema->key_name); tmp_obj = cJSON_GetObjectItem(json, schema->key_name);
if (NULL == tmp_obj || tmp_obj->type != cJSON_String) { if (NULL == tmp_obj || tmp_obj->type != cJSON_String) {
char *json_str = cJSON_Print(json);
log_fatal(logger, MODULE_FQDN_PLUGIN, log_fatal(logger, MODULE_FQDN_PLUGIN,
"[%s:%d] fqdn_plugin table:<%s> has no key_name or invalid format in line:%s", "[%s:%d] fqdn_plugin table:<%s> has no key_name or invalid format in line:%s",
__FUNCTION__, __LINE__, table_name, cJSON_Print(json)); __FUNCTION__, __LINE__, table_name, json_str);
FREE(json_str);
goto error; goto error;
} }
uuid_parse(tmp_obj->valuestring, fqdn_plugin_rule->uuid); uuid_parse(tmp_obj->valuestring, fqdn_plugin_rule->uuid);
tmp_obj = cJSON_GetObjectItem(json, "fqdn"); tmp_obj = cJSON_GetObjectItem(json, "fqdn");
if (NULL == tmp_obj || tmp_obj->type != cJSON_String) { if (NULL == tmp_obj || tmp_obj->type != cJSON_String) {
char *json_str = cJSON_Print(json);
log_fatal(logger, MODULE_FQDN_PLUGIN, log_fatal(logger, MODULE_FQDN_PLUGIN,
"[%s:%d] fqdn_plugin table:<%s> has no fqdn in line:%s", "[%s:%d] fqdn_plugin table:<%s> has no fqdn in line:%s",
__FUNCTION__, __LINE__, table_name, cJSON_Print(json)); __FUNCTION__, __LINE__, table_name, json_str);
FREE(json_str);
goto error; goto error;
} }

8
src/maat_interval.c
View File

@@ -173,18 +173,22 @@ interval_item_new(struct interval_schema *schema, const char *table_name,
tmp_obj = cJSON_GetObjectItem(json, "object_uuid"); tmp_obj = cJSON_GetObjectItem(json, "object_uuid");
if (NULL == tmp_obj || tmp_obj->type != cJSON_String) { if (NULL == tmp_obj || tmp_obj->type != cJSON_String) {
char *json_str = cJSON_Print(json);
log_fatal(interval_rt->logger, MODULE_INTERVAL, log_fatal(interval_rt->logger, MODULE_INTERVAL,
"[%s:%d] interval table:<%s> has no object_id in line:%s", "[%s:%d] interval table:<%s> has no object_id in line:%s",
__FUNCTION__, __LINE__, table_name, cJSON_Print(json)); __FUNCTION__, __LINE__, table_name, json_str);
FREE(json_str);
goto error; goto error;
} }
uuid_parse(tmp_obj->valuestring, item->object_uuid); uuid_parse(tmp_obj->valuestring, item->object_uuid);
tmp_obj = cJSON_GetObjectItem(json, "interval"); tmp_obj = cJSON_GetObjectItem(json, "interval");
if (NULL == tmp_obj || tmp_obj->type != cJSON_String) { if (NULL == tmp_obj || tmp_obj->type != cJSON_String) {
char *json_str = cJSON_Print(json);
log_fatal(interval_rt->logger, MODULE_INTERVAL, log_fatal(interval_rt->logger, MODULE_INTERVAL,
"[%s:%d] interval table:<%s> has no interval in line:%s", "[%s:%d] interval table:<%s> has no interval in line:%s",
__FUNCTION__, __LINE__, table_name, cJSON_Print(json)); __FUNCTION__, __LINE__, table_name, json_str);
FREE(json_str);
goto error; goto error;
} }
memcpy(port_str, tmp_obj->valuestring, strlen(tmp_obj->valuestring)); memcpy(port_str, tmp_obj->valuestring, strlen(tmp_obj->valuestring));

20
src/maat_ip.c
View File

@@ -109,18 +109,22 @@ ip_item_new(struct ip_schema *ip_schema, const char *table_name,
tmp_obj = cJSON_GetObjectItem(json, "object_uuid"); tmp_obj = cJSON_GetObjectItem(json, "object_uuid");
if (NULL == tmp_obj || tmp_obj->type != cJSON_String) { if (NULL == tmp_obj || tmp_obj->type != cJSON_String) {
char *json_str = cJSON_Print(json);
log_fatal(logger, MODULE_IP, log_fatal(logger, MODULE_IP,
"[%s:%d] ip table:<%s> has no object_id in line:%s", "[%s:%d] ip table:<%s> has no object_id in line:%s",
__FUNCTION__, __LINE__, table_name, cJSON_Print(json)); __FUNCTION__, __LINE__, table_name, json_str);
FREE(json_str);
goto error; goto error;
} }
uuid_parse(tmp_obj->valuestring, ip_item->object_uuid); uuid_parse(tmp_obj->valuestring, ip_item->object_uuid);
tmp_obj = cJSON_GetObjectItem(json, "ip"); tmp_obj = cJSON_GetObjectItem(json, "ip");
if (NULL == tmp_obj || tmp_obj->type != cJSON_String) { if (NULL == tmp_obj || tmp_obj->type != cJSON_String) {
char *json_str = cJSON_Print(json);
log_fatal(logger, MODULE_IP, log_fatal(logger, MODULE_IP,
"[%s:%d] ip table:<%s> has no ip in line:%s", "[%s:%d] ip table:<%s> has no ip in line:%s",
__FUNCTION__, __LINE__, table_name, cJSON_Print(json)); __FUNCTION__, __LINE__, table_name, json_str);
FREE(json_str);
goto error; goto error;
} }
memcpy(ip_str, tmp_obj->valuestring, strlen(tmp_obj->valuestring)); memcpy(ip_str, tmp_obj->valuestring, strlen(tmp_obj->valuestring));
@@ -134,18 +138,22 @@ ip_item_new(struct ip_schema *ip_schema, const char *table_name,
if (IPv4 == ip_item->addr_type) { if (IPv4 == ip_item->addr_type) {
ret = ip_format2range(ip_str, ip_item->addr_type, &ip_item->ipv4.min_ip, &ip_item->ipv4.max_ip); ret = ip_format2range(ip_str, ip_item->addr_type, &ip_item->ipv4.min_ip, &ip_item->ipv4.max_ip);
if (ret < 0) { if (ret < 0) {
char *json_str = cJSON_Print(json);
log_fatal(logger, MODULE_IP, log_fatal(logger, MODULE_IP,
"[%s:%d] ip table:<%s> ip_format2range(ip4) failed in line:%s", "[%s:%d] ip table:<%s> ip_format2range(ip4) failed in line:%s",
__FUNCTION__, __LINE__, table_name, cJSON_Print(json)); __FUNCTION__, __LINE__, table_name, json_str);
FREE(json_str);
goto error; goto error;
} }
} else { } else {
//ipv6 //ipv6
ret = ip_format2range(ip_str, ip_item->addr_type, ip_item->ipv6.min_ip, ip_item->ipv6.max_ip); ret = ip_format2range(ip_str, ip_item->addr_type, ip_item->ipv6.min_ip, ip_item->ipv6.max_ip);
if (ret < 0) { if (ret < 0) {
char *json_str = cJSON_Print(json);
log_fatal(logger, MODULE_IP, log_fatal(logger, MODULE_IP,
"[%s:%d] ip table:<%s> ip_format2range(ip6) failed in line:%s", "[%s:%d] ip table:<%s> ip_format2range(ip6) failed in line:%s",
__FUNCTION__, __LINE__, table_name, cJSON_Print(json)); __FUNCTION__, __LINE__, table_name, json_str);
FREE(json_str);
goto error; goto error;
} }
} }
@@ -319,9 +327,11 @@ int ip_runtime_update(void *ip_runtime, void *ip_schema,
tmp_obj = cJSON_GetObjectItem(json, "uuid"); tmp_obj = cJSON_GetObjectItem(json, "uuid");
if (NULL == tmp_obj || tmp_obj->type != cJSON_String) { if (NULL == tmp_obj || tmp_obj->type != cJSON_String) {
char *json_str = cJSON_Print(json);
log_fatal(ip_rt->logger, MODULE_IP, log_fatal(ip_rt->logger, MODULE_IP,
"[%s:%d] ip table:<%s> has no item_id in line:%s", "[%s:%d] ip table:<%s> has no item_id in line:%s",
__FUNCTION__, __LINE__, table_name, cJSON_Print(json)); __FUNCTION__, __LINE__, table_name, json_str);
FREE(json_str);
ip_rt->update_err_cnt++; ip_rt->update_err_cnt++;
goto ERROR; goto ERROR;
} }

24
src/maat_ip_plugin.c
View File

@@ -118,16 +118,20 @@ ip_plugin_accept_tag_match(struct ip_plugin_schema *schema,
FREE(tag_str); FREE(tag_str);
if (TAG_MATCH_ERR == ret) { if (TAG_MATCH_ERR == ret) {
char *json_str = cJSON_Print(json);
log_fatal(logger, MODULE_IP_PLUGIN, log_fatal(logger, MODULE_IP_PLUGIN,
"[%s:%d] ip_plugin table:<%s> has invalid tag format" "[%s:%d] ip_plugin table:<%s> has invalid tag format"
" in line:%s", __FUNCTION__, __LINE__, table_name, cJSON_Print(json)); " in line:%s", __FUNCTION__, __LINE__, table_name, json_str);
FREE(json_str);
return TAG_MATCH_ERR; return TAG_MATCH_ERR;
} }
if (TAG_MATCH_UNMATCHED == ret) { if (TAG_MATCH_UNMATCHED == ret) {
char *json_str = cJSON_Print(json);
log_fatal(logger, MODULE_IP_PLUGIN, log_fatal(logger, MODULE_IP_PLUGIN,
"[%s:%d] ip_plugin table:<%s> has unmatched tag in line:%s", "[%s:%d] ip_plugin table:<%s> has unmatched tag in line:%s",
__FUNCTION__, __LINE__, table_name, cJSON_Print(json)); __FUNCTION__, __LINE__, table_name, json_str);
FREE(json_str);
return TAG_MATCH_UNMATCHED; return TAG_MATCH_UNMATCHED;
} }
} }
@@ -151,18 +155,22 @@ ip_plugin_rule_new(struct ip_plugin_schema *schema, const char *table_name,
tmp_obj = cJSON_GetObjectItem(json, schema->key_name); tmp_obj = cJSON_GetObjectItem(json, schema->key_name);
if (NULL == tmp_obj || tmp_obj->type != cJSON_String) { if (NULL == tmp_obj || tmp_obj->type != cJSON_String) {
char *json_str = cJSON_Print(json);
log_fatal(logger, MODULE_IP_PLUGIN, log_fatal(logger, MODULE_IP_PLUGIN,
"[%s:%d] ip_plugin table:<%s> has no key %s or invalid format in line:%s", "[%s:%d] ip_plugin table:<%s> has no key %s or invalid format in line:%s",
__FUNCTION__, __LINE__, table_name, schema->key_name, cJSON_Print(json)); __FUNCTION__, __LINE__, table_name, schema->key_name, json_str);
FREE(json_str);
goto error; goto error;
} }
uuid_parse(tmp_obj->valuestring, ip_plugin_rule->rule_uuid); uuid_parse(tmp_obj->valuestring, ip_plugin_rule->rule_uuid);
tmp_obj = cJSON_GetObjectItem(json, "ip"); tmp_obj = cJSON_GetObjectItem(json, "ip");
if (NULL == tmp_obj || tmp_obj->type != cJSON_String) { if (NULL == tmp_obj || tmp_obj->type != cJSON_String) {
char *json_str = cJSON_Print(json);
log_fatal(logger, MODULE_IP_PLUGIN, log_fatal(logger, MODULE_IP_PLUGIN,
"[%s:%d] ip_plugin table:<%s> has no ip field or invalid format in line:%s", "[%s:%d] ip_plugin table:<%s> has no ip field or invalid format in line:%s",
__FUNCTION__, __LINE__, table_name, cJSON_Print(json)); __FUNCTION__, __LINE__, table_name, json_str);
FREE(json_str);
goto error; goto error;
} }
strncpy(ip_str, tmp_obj->valuestring, strlen(tmp_obj->valuestring)); strncpy(ip_str, tmp_obj->valuestring, strlen(tmp_obj->valuestring));
@@ -176,20 +184,24 @@ ip_plugin_rule_new(struct ip_plugin_schema *schema, const char *table_name,
if (IPv4 == ip_plugin_rule->type) { if (IPv4 == ip_plugin_rule->type) {
ret = ip_format2range(ip_str, ip_plugin_rule->type, &ip_plugin_rule->ipv4_rule.start_ip, &ip_plugin_rule->ipv4_rule.end_ip); ret = ip_format2range(ip_str, ip_plugin_rule->type, &ip_plugin_rule->ipv4_rule.start_ip, &ip_plugin_rule->ipv4_rule.end_ip);
if (ret < 0) { if (ret < 0) {
char *json_str = cJSON_Print(json);
log_fatal(logger, MODULE_IP_PLUGIN, log_fatal(logger, MODULE_IP_PLUGIN,
"[%s:%d] ip_plugin table:<%s>> ip_format2range(ip4)" "[%s:%d] ip_plugin table:<%s>> ip_format2range(ip4)"
" failed in line:%s", __FUNCTION__, __LINE__, " failed in line:%s", __FUNCTION__, __LINE__,
table_name, cJSON_Print(json)); table_name, json_str);
FREE(json_str);
goto error; goto error;
} }
} else { } else {
//ipv6 //ipv6
ret = ip_format2range(ip_str, ip_plugin_rule->type, ip_plugin_rule->ipv6_rule.start_ip, ip_plugin_rule->ipv6_rule.end_ip); ret = ip_format2range(ip_str, ip_plugin_rule->type, ip_plugin_rule->ipv6_rule.start_ip, ip_plugin_rule->ipv6_rule.end_ip);
if (ret < 0) { if (ret < 0) {
char *json_str = cJSON_Print(json);
log_fatal(logger, MODULE_IP_PLUGIN, log_fatal(logger, MODULE_IP_PLUGIN,
"[%s:%d] ip_plugin table:<%s> ip_format2range(ip6)" "[%s:%d] ip_plugin table:<%s> ip_format2range(ip6)"
" failed in line:%s", __FUNCTION__, __LINE__, " failed in line:%s", __FUNCTION__, __LINE__,
table_name, cJSON_Print(json)); table_name, json_str);
FREE(json_str);
goto error; goto error;
} }
} }

20
src/maat_ipport_plugin.c
View File

@@ -233,18 +233,22 @@ ipport_item_new(struct ipport_plugin_schema *schema, const char *table_name,
tmp_obj = cJSON_GetObjectItem(json, schema->key_name); tmp_obj = cJSON_GetObjectItem(json, schema->key_name);
if (NULL == tmp_obj || tmp_obj->type != cJSON_String) { if (NULL == tmp_obj || tmp_obj->type != cJSON_String) {
char *json_str = cJSON_Print(json);
log_fatal(logger, MODULE_IPPORT_PLUGIN, log_fatal(logger, MODULE_IPPORT_PLUGIN,
"[%s:%d] ipport table:<%s> has no key or invalid format, line:%s", "[%s:%d] ipport table:<%s> has no key or invalid format, line:%s",
__FUNCTION__, __LINE__, table_name, cJSON_Print(json)); __FUNCTION__, __LINE__, table_name, json_str);
FREE(json_str);
goto error; goto error;
} }
uuid_parse(tmp_obj->valuestring, ipport_item->item_uuid); uuid_parse(tmp_obj->valuestring, ipport_item->item_uuid);
tmp_obj = cJSON_GetObjectItem(json, "ip"); tmp_obj = cJSON_GetObjectItem(json, "ip");
if (NULL == tmp_obj || tmp_obj->type != cJSON_String) { if (NULL == tmp_obj || tmp_obj->type != cJSON_String) {
char *json_str = cJSON_Print(json);
log_fatal(logger, MODULE_IPPORT_PLUGIN, log_fatal(logger, MODULE_IPPORT_PLUGIN,
"[%s:%d] ipport table:<%s> has no ip or invalid format in line:%s", "[%s:%d] ipport table:<%s> has no ip or invalid format in line:%s",
__FUNCTION__, __LINE__, table_name, cJSON_Print(json)); __FUNCTION__, __LINE__, table_name, json_str);
FREE(json_str);
goto error; goto error;
} }
strncpy(ip_str, tmp_obj->valuestring, strlen(tmp_obj->valuestring)); strncpy(ip_str, tmp_obj->valuestring, strlen(tmp_obj->valuestring));
@@ -258,27 +262,33 @@ ipport_item_new(struct ipport_plugin_schema *schema, const char *table_name,
if (IPV4 == ipport_item->ip_type) { if (IPV4 == ipport_item->ip_type) {
ret = ip_format2range(ip_str, ipport_item->ip_type, &ipport_item->ipv4.min_ip, &ipport_item->ipv4.max_ip); ret = ip_format2range(ip_str, ipport_item->ip_type, &ipport_item->ipv4.min_ip, &ipport_item->ipv4.max_ip);
if (ret < 0) { if (ret < 0) {
char *json_str = cJSON_Print(json);
log_fatal(logger, MODULE_IPPORT_PLUGIN, log_fatal(logger, MODULE_IPPORT_PLUGIN,
"[%s:%d] ipport table:<%s> ip_format2range(ip4) failed in line:%s", "[%s:%d] ipport table:<%s> ip_format2range(ip4) failed in line:%s",
__FUNCTION__, __LINE__, table_name, cJSON_Print(json)); __FUNCTION__, __LINE__, table_name, json_str);
FREE(json_str);
goto error; goto error;
} }
} else { } else {
//ipv6 //ipv6
ret = ip_format2range(ip_str, ipport_item->ip_type, ipport_item->ipv6.min_ip, ipport_item->ipv6.max_ip); ret = ip_format2range(ip_str, ipport_item->ip_type, ipport_item->ipv6.min_ip, ipport_item->ipv6.max_ip);
if (ret < 0) { if (ret < 0) {
char *json_str = cJSON_Print(json);
log_fatal(logger, MODULE_IPPORT_PLUGIN, log_fatal(logger, MODULE_IPPORT_PLUGIN,
"[%s:%d] ipport table:<%s> ip_format2range(ip6) failed in line:%s", "[%s:%d] ipport table:<%s> ip_format2range(ip6) failed in line:%s",
__FUNCTION__, __LINE__, table_name, cJSON_Print(json)); __FUNCTION__, __LINE__, table_name, json_str);
FREE(json_str);
goto error; goto error;
} }
} }
tmp_obj = cJSON_GetObjectItem(json, "port"); tmp_obj = cJSON_GetObjectItem(json, "port");
if (NULL == tmp_obj || tmp_obj->type != cJSON_String) { if (NULL == tmp_obj || tmp_obj->type != cJSON_String) {
char *json_str = cJSON_Print(json);
log_fatal(logger, MODULE_IPPORT_PLUGIN, log_fatal(logger, MODULE_IPPORT_PLUGIN,
"[%s:%d] ipport table:<%s> has no port or invalid format in line:%s", "[%s:%d] ipport table:<%s> has no port or invalid format in line:%s",
__FUNCTION__, __LINE__, table_name, cJSON_Print(json)); __FUNCTION__, __LINE__, table_name, json_str);
FREE(json_str);
goto error; goto error;
} }

29
src/maat_plugin.c
View File

@@ -378,7 +378,7 @@ static int plugin_accept_tag_match(struct plugin_schema *schema,
{ {
size_t n_tag = table_manager_accept_tags_count(schema->ref_tbl_mgr); size_t n_tag = table_manager_accept_tags_count(schema->ref_tbl_mgr);
cJSON *tmp_obj = NULL; cJSON *tmp_obj = NULL;
int ret = 0; int ret = TAG_MATCH_MATCHED;
cJSON *json = cJSON_Parse(line); cJSON *json = cJSON_Parse(line);
tmp_obj = cJSON_GetObjectItem(json, "effective_range"); tmp_obj = cJSON_GetObjectItem(json, "effective_range");
@@ -390,21 +390,24 @@ static int plugin_accept_tag_match(struct plugin_schema *schema,
if (TAG_MATCH_ERR == ret) { if (TAG_MATCH_ERR == ret) {
log_fatal(logger, MODULE_PLUGIN, log_fatal(logger, MODULE_PLUGIN,
"[%s:%d] table: <%s> has invalid tag format in table_line:%s", "[%s:%d] table: <%s> has invalid tag format in table_line:%s",
__FUNCTION__, __LINE__, table_name, cJSON_Print(json)); __FUNCTION__, __LINE__, table_name, line);
return TAG_MATCH_ERR; goto END;
} }
if (TAG_MATCH_UNMATCHED == ret) { if (TAG_MATCH_UNMATCHED == ret) {
log_fatal(logger, MODULE_PLUGIN, log_fatal(logger, MODULE_PLUGIN,
"[%s:%d] table: <%s> has unmatched tag in table_line:%s", "[%s:%d] table: <%s> has unmatched tag in table_line:%s",
__FUNCTION__, __LINE__, table_name, cJSON_Print(json)); __FUNCTION__, __LINE__, table_name, line);
return TAG_MATCH_UNMATCHED; goto END;
} }
} }
END:
if (json) {
cJSON_Delete(json); cJSON_Delete(json);
}
return TAG_MATCH_MATCHED; return ret;
} }
static int plugin_table_line_get_ip_key(struct plugin_schema *schema, static int plugin_table_line_get_ip_key(struct plugin_schema *schema,
@@ -419,7 +422,7 @@ static int plugin_table_line_get_ip_key(struct plugin_schema *schema,
log_fatal(logger, MODULE_PLUGIN, log_fatal(logger, MODULE_PLUGIN,
"[%s:%d] plugin table:<%s> ip_key too long exceed maximum:%d in " "[%s:%d] plugin table:<%s> ip_key too long exceed maximum:%d in "
"table_line:%s", __FUNCTION__, __LINE__, table_name, "table_line:%s", __FUNCTION__, __LINE__, table_name,
INET6_ADDRSTRLEN, cJSON_Print(json)); INET6_ADDRSTRLEN, line);
goto ERROR; goto ERROR;
} }
@@ -430,7 +433,7 @@ static int plugin_table_line_get_ip_key(struct plugin_schema *schema,
if (tmp_obj == NULL || tmp_obj->type != cJSON_Number) { if (tmp_obj == NULL || tmp_obj->type != cJSON_Number) {
log_fatal(logger, MODULE_PLUGIN, log_fatal(logger, MODULE_PLUGIN,
"[%s:%d] plugin table:<%s> has no addr_type or not number format in table_line:%s", "[%s:%d] plugin table:<%s> has no addr_type or not number format in table_line:%s",
__FUNCTION__, __LINE__, table_name, cJSON_Print(json)); __FUNCTION__, __LINE__, table_name, line);
goto ERROR; goto ERROR;
} }
@@ -446,7 +449,7 @@ static int plugin_table_line_get_ip_key(struct plugin_schema *schema,
log_fatal(logger, MODULE_PLUGIN, log_fatal(logger, MODULE_PLUGIN,
"[%s:%d] plugin table:<%s> ipv4 key" "[%s:%d] plugin table:<%s> ipv4 key"
" illegal in table_line:%s", " illegal in table_line:%s",
__FUNCTION__, __LINE__, table_name, cJSON_Print(json)); __FUNCTION__, __LINE__, table_name, line);
goto ERROR; goto ERROR;
} }
@@ -459,7 +462,7 @@ static int plugin_table_line_get_ip_key(struct plugin_schema *schema,
log_fatal(logger, MODULE_PLUGIN, log_fatal(logger, MODULE_PLUGIN,
"[%s:%d] plugin table:<%s> ipv6 key" "[%s:%d] plugin table:<%s> ipv6 key"
" illegal in table_line:%s", " illegal in table_line:%s",
__FUNCTION__, __LINE__, table_name, cJSON_Print(json)); __FUNCTION__, __LINE__, table_name, line);
goto ERROR; goto ERROR;
} }
@@ -469,11 +472,15 @@ static int plugin_table_line_get_ip_key(struct plugin_schema *schema,
log_fatal(logger, MODULE_PLUGIN, log_fatal(logger, MODULE_PLUGIN,
"[%s:%d] plugin table:<%s> addr_type:%d illegal, just" "[%s:%d] plugin table:<%s> addr_type:%d illegal, just"
" allow{4, 6}, table_line:%s", " allow{4, 6}, table_line:%s",
__FUNCTION__, __LINE__, table_name, addr_type, cJSON_Print(json)); __FUNCTION__, __LINE__, table_name, addr_type, line);
goto ERROR; goto ERROR;
} }
if (json) {
cJSON_Delete(json);
}
return 0; return 0;
ERROR: ERROR:
if (json) { if (json) {
cJSON_Delete(json); cJSON_Delete(json);

60
src/maat_rule.c
View File

@@ -345,6 +345,10 @@ static struct maat_rule *maat_rule_new(struct rule_runtime *rule_rt, struct rule
rule_item->condition_num = rule->condition_num; rule_item->condition_num = rule->condition_num;
rule->user_data = rule_item; rule->user_data = rule_item;
if (table_json) {
cJSON_Delete(table_json);
}
return rule; return rule;
error: error:
@@ -352,6 +356,10 @@ error:
maat_rule_free(rule); maat_rule_free(rule);
} }
if (table_json) {
cJSON_Delete(table_json);
}
return NULL; return NULL;
} }
@@ -361,33 +369,38 @@ static int rule_accept_tag_match(struct rule_schema *schema, const char *line,
size_t n_tag = table_manager_accept_tags_count(schema->ref_tbl_mgr); size_t n_tag = table_manager_accept_tags_count(schema->ref_tbl_mgr);
cJSON *tmp_obj = NULL; cJSON *tmp_obj = NULL;
cJSON *table_json = cJSON_Parse(line); cJSON *table_json = cJSON_Parse(line);
int ret = TAG_MATCH_MATCHED;
tmp_obj = cJSON_GetObjectItem(table_json, "effective_range"); tmp_obj = cJSON_GetObjectItem(table_json, "effective_range");
if ((tmp_obj && cJSON_GetArraySize(tmp_obj) > 0) && n_tag > 0) { if ((tmp_obj && cJSON_GetArraySize(tmp_obj) > 0) && n_tag > 0) {
char *tag_str = cJSON_Print(tmp_obj); char *tag_str = cJSON_Print(tmp_obj);
int ret = table_manager_accept_tags_match(schema->ref_tbl_mgr, tag_str); ret = table_manager_accept_tags_match(schema->ref_tbl_mgr, tag_str);
FREE(tag_str); FREE(tag_str);
if (TAG_MATCH_ERR == ret) { if (TAG_MATCH_ERR == ret) {
log_fatal(logger, MODULE_RULE, log_fatal(logger, MODULE_RULE,
"[%s:%d] table: <%s> has invalid tag format in line:%s", "[%s:%d] table: <%s> has invalid tag format in line:%s",
__FUNCTION__, __LINE__, table_name, line); __FUNCTION__, __LINE__, table_name, line);
return TAG_MATCH_ERR; goto END;
} }
if (TAG_MATCH_UNMATCHED == ret) { if (TAG_MATCH_UNMATCHED == ret) {
log_fatal(logger, MODULE_RULE, log_fatal(logger, MODULE_RULE,
"[%s:%d] table: <%s> has unmatched tag in line:%s", "[%s:%d] table: <%s> has unmatched tag in line:%s",
__FUNCTION__, __LINE__, table_name, line); __FUNCTION__, __LINE__, table_name, line);
return TAG_MATCH_UNMATCHED; goto END;
} }
} }
return TAG_MATCH_MATCHED; END:
if (table_json) {
cJSON_Delete(table_json);
}
return ret;
} }
static struct rule_item * static struct rule_item *rule_item_new(const char *table_line, struct rule_schema *schema,
rule_item_new(const char *table_line, struct rule_schema *schema,
const char *table_name, struct log_handle *logger) const char *table_name, struct log_handle *logger)
{ {
int ret = rule_accept_tag_match(schema, table_line, table_name, logger); int ret = rule_accept_tag_match(schema, table_line, table_name, logger);
@@ -403,7 +416,7 @@ rule_item_new(const char *table_line, struct rule_schema *schema,
if (tmp_obj == NULL && tmp_obj->type != cJSON_String) { if (tmp_obj == NULL && tmp_obj->type != cJSON_String) {
log_fatal(logger, MODULE_RULE, log_fatal(logger, MODULE_RULE,
"[%s:%d] table: <%s> has no rule_id or not string format in line:%s", "[%s:%d] table: <%s> has no rule_id or not string format in line:%s",
__FUNCTION__, __LINE__, table_name, cJSON_Print(table_json)); __FUNCTION__, __LINE__, table_name, table_line);
goto error; goto error;
} }
uuid_parse(tmp_obj->valuestring, rule_item->rule_uuid); uuid_parse(tmp_obj->valuestring, rule_item->rule_uuid);
@@ -530,6 +543,25 @@ void rule_runtime_free(void *rule_runtime)
rule_rt->not_condition_id_kv_hash = NULL; rule_rt->not_condition_id_kv_hash = NULL;
} }
if (rule_rt->tbl_not_condition_hash != NULL) {
struct table_condition *not_condition = NULL, *tmp_not_condition = NULL;
HASH_ITER(hh, rule_rt->tbl_not_condition_hash, not_condition, tmp_not_condition) {
HASH_DEL(rule_rt->tbl_not_condition_hash, not_condition);
if (not_condition->condition_ids != NULL) {
utarray_free(not_condition->condition_ids);
not_condition->condition_ids = NULL;
}
if (not_condition->object_ids != NULL) {
utarray_free(not_condition->object_ids);
not_condition->object_ids = NULL;
}
FREE(not_condition);
}
assert(rule_rt->tbl_not_condition_hash == NULL);
}
if (rule_rt->expr_match_buff != NULL) { if (rule_rt->expr_match_buff != NULL) {
FREE(rule_rt->expr_match_buff); FREE(rule_rt->expr_match_buff);
} }
@@ -1424,7 +1456,7 @@ rule_runtime_add_rule(struct rule_runtime *rule_rt,
struct rule_item *rule_item = rule_item_new(line, schema, table_name, struct rule_item *rule_item = rule_item_new(line, schema, table_name,
rule_rt->logger); rule_rt->logger);
if (NULL == rule_item) { if (NULL == rule_item) {
return -1; goto ERROR;
} }
int table_id = table_manager_get_table_id(schema->ref_tbl_mgr, table_name); int table_id = table_manager_get_table_id(schema->ref_tbl_mgr, table_name);
@@ -1432,7 +1464,7 @@ rule_runtime_add_rule(struct rule_runtime *rule_rt,
log_fatal(logger, MODULE_RULE, log_fatal(logger, MODULE_RULE,
"[%s:%d]table_name:%s has invalid table_id:%d, drop line:%s", "[%s:%d]table_name:%s has invalid table_id:%d, drop line:%s",
__FUNCTION__, __LINE__, table_name, table_id, line); __FUNCTION__, __LINE__, table_name, table_id, line);
return -1; goto ERROR;
} }
int updating_flag = rcu_hash_is_updating(rule_rt->cfg_hash); int updating_flag = rcu_hash_is_updating(rule_rt->cfg_hash);
@@ -1449,6 +1481,7 @@ rule_runtime_add_rule(struct rule_runtime *rule_rt,
log_fatal(logger, MODULE_RULE, log_fatal(logger, MODULE_RULE,
"[%s:%d]rule_id:%s already existed in rule table, drop line:%s", "[%s:%d]rule_id:%s already existed in rule table, drop line:%s",
__FUNCTION__, __LINE__, rule_uuid_str, line); __FUNCTION__, __LINE__, rule_uuid_str, line);
goto ERROR;
} }
rule = maat_rule_new(rule_rt, schema, table_name, *rule_uuid, line, rule_item); rule = maat_rule_new(rule_rt, schema, table_name, *rule_uuid, line, rule_item);
@@ -1456,12 +1489,19 @@ rule_runtime_add_rule(struct rule_runtime *rule_rt,
log_fatal(logger, MODULE_RULE, log_fatal(logger, MODULE_RULE,
"[%s:%d]maat_rule_new failed, drop line:%s", "[%s:%d]maat_rule_new failed, drop line:%s",
__FUNCTION__, __LINE__, line); __FUNCTION__, __LINE__, line);
return -1; goto ERROR;
} }
rcu_hash_add(rule_rt->cfg_hash, (char *)rule_uuid, sizeof(uuid_t), rule); rcu_hash_add(rule_rt->cfg_hash, (char *)rule_uuid, sizeof(uuid_t), rule);
return 0; return 0;
ERROR:
if (rule_item != NULL) {
rule_item_free(rule_item);
}
return -1;
} }
static void rule_runtime_del_rule(struct rule_runtime *rule_rt, static void rule_runtime_del_rule(struct rule_runtime *rule_rt,

8
test/maat_framework_gtest.cpp
View File

@@ -5104,10 +5104,10 @@ void ipport_plugin_ex_free_cb(const char *table_name, void **ad, long argl, void
if (ud->buffer) { if (ud->buffer) {
memset(ud->buffer, 0, ud->buf_len); memset(ud->buffer, 0, ud->buf_len);
ud->buf_len = 0; ud->buf_len = 0;
free(ud->buffer); FREE(ud->buffer);
} }
free(ud); FREE(ud);
*ad = NULL; *ad = NULL;
} }
@@ -5656,6 +5656,8 @@ void rule_ex_param_new(const char *table_name, const char *key,
(*counter)++; (*counter)++;
*ad = param; *ad = param;
cJSON_Delete(json);
} }
void rule_ex_param_free(const char *table_name, void **ad, long argl, void *argp) void rule_ex_param_free(const char *table_name, void **ad, long argl, void *argp)
@@ -5828,6 +5830,8 @@ void accept_tags_entry_cb(const char *table_name, const char *table_line, enum m
EXPECT_STREQ(tmp_obj->valuestring, "SUCCESS"); EXPECT_STREQ(tmp_obj->valuestring, "SUCCESS");
(*callback_times)++; (*callback_times)++;
cJSON_Delete(json);
} }
TEST_F(Policy, PluginRuleTags1) { TEST_F(Policy, PluginRuleTags1) {

55
test/maat_json.json
View File

@@ -304,30 +304,6 @@
} }
] ]
}, },
{
"object_name": "vt_grp_http_sig2",
"uuid": "00000000-0000-0000-0000-000000000153",
"items": [
{
"table_name": "HTTP_SIGNATURE",
"table_type": "expr",
"table_content": {
"expression": "uid=12345678",
"expr_type": "and"
}
},
{
"table_name": "HTTP_SIGNATURE",
"table_type": "expr",
"table_content": {
"expression": "sessionid=888888",
"expr_type": "and"
}
}
]
},
{ {
"object_name": "167_url_object", "object_name": "167_url_object",
"uuid": "00000000-0000-0000-0000-000000000158", "uuid": "00000000-0000-0000-0000-000000000158",
@@ -1922,16 +1898,37 @@
{ {
"attribute_name": "HTTP_REQUEST_HEADER", "attribute_name": "HTTP_REQUEST_HEADER",
"negate_option": false, "negate_option": false,
"object_uuids": [ "objects": [
"00000000-0000-0000-0000-000000000153" {
"object_name": "vt_grp_http_sig2",
"uuid": "00000000-0000-0000-0000-000000000153",
"items": [
{
"table_name": "HTTP_SIGNATURE",
"table_type": "expr",
"table_content": {
"expression": "uid=12345678",
"expr_type": "and"
}
},
{
"table_name": "HTTP_SIGNATURE",
"table_type": "expr",
"table_content": {
"expression": "sessionid=888888",
"expr_type": "and"
}
}
]
}
] ]
}, },
{ {
"attribute_name": "HTTP_RESPONSE_HEADER", "attribute_name": "HTTP_RESPONSE_HEADER",
"negate_option": false, "negate_option": false,
"object_uuids": [ "object_name": "vt_grp_http_sig2"
"00000000-0000-0000-0000-000000000153"
]
} }
] ]
}, },

24
test/test_utils.cpp
View File

@@ -24,6 +24,8 @@ make_serial_rule(const char *table_name, const char *line, void *u_para, enum ma
struct serial_rule *s_rule=(struct serial_rule *)u_para; struct serial_rule *s_rule=(struct serial_rule *)u_para;
redisContext *ctx = s_rule->ref_ctx; redisContext *ctx = s_rule->ref_ctx;
char *buff = ALLOC(char, strlen(line) + 1); char *buff = ALLOC(char, strlen(line) + 1);
cJSON *rule_uuid = NULL;
int ret = 0;
memcpy(buff, line, strlen(line) + 1); memcpy(buff, line, strlen(line) + 1);
@@ -34,16 +36,18 @@ make_serial_rule(const char *table_name, const char *line, void *u_para, enum ma
cJSON *json = cJSON_Parse(line); cJSON *json = cJSON_Parse(line);
if (NULL == json) { if (NULL == json) {
return -1; ret = -1;
goto END;
} }
cJSON *rule_uuid = cJSON_GetObjectItem(json, "uuid"); rule_uuid = cJSON_GetObjectItem(json, "uuid");
if (NULL == rule_uuid) { if (NULL == rule_uuid) {
rule_uuid = cJSON_GetObjectItem(json, "object_uuid");//for object2object table rule_uuid = cJSON_GetObjectItem(json, "object_uuid");//for object2object table
} }
if (NULL == rule_uuid || rule_uuid->type != cJSON_String) { if (NULL == rule_uuid || rule_uuid->type != cJSON_String) {
return -1; ret = -1;
goto END;
} }
maat_set_serial_rule(s_rule + line_idx, op, rule_uuid->valuestring, maat_set_serial_rule(s_rule + line_idx, op, rule_uuid->valuestring,
@@ -51,9 +55,15 @@ make_serial_rule(const char *table_name, const char *line, void *u_para, enum ma
(s_rule + line_idx)->ref_ctx = ctx; (s_rule + line_idx)->ref_ctx = ctx;
line_idx++; line_idx++;
END:
if (json) {
cJSON_Delete(json);
}
if (buff) {
FREE(buff); FREE(buff);
}
return 0; return ret;
} }
int write_json_to_redis(const char *json_filename, char *redis_ip, int redis_port, int write_json_to_redis(const char *json_filename, char *redis_ip, int redis_port,
@@ -71,6 +81,10 @@ int write_json_to_redis(const char *json_filename, char *redis_ip, int redis_por
convert_maat_json_rule(&json_root, (unsigned char *)json_buff); convert_maat_json_rule(&json_root, (unsigned char *)json_buff);
if (json_buff) {
FREE(json_buff);
}
redisContext *c = maat_connect_redis(redis_ip, redis_port, redis_db, logger); redisContext *c = maat_connect_redis(redis_ip, redis_port, redis_db, logger);
if (NULL == c) { if (NULL == c) {
return -1; return -1;
@@ -162,6 +176,8 @@ int rule_table_set_line(struct maat *maat_inst, const char *table_name,
int ret = maat_cmd_set_line(maat_inst, &line_rule, op); int ret = maat_cmd_set_line(maat_inst, &line_rule, op);
free(json_str); free(json_str);
cJSON_Delete(json_root);
return ret; return ret;
} }